EFF (the Electronic Frontier Foundation) has filed a Freedom of Information (FOIA) lawsuit against the Justice Department. The digital rights group wants to learn whether the government has made use of secret court orders to force tech companies to provide access to encrypted user data.
After the Apple vs the FBI battle, there has been renewed interest in how companies handle not only encryption, but government requests for access to such data. With services such as WhatsApp enabling end-to-end encryption, attention has now switched to what might be happening in the background without users' knowledge. While Apple very publicly refused to provide decryption keys, EFF -- and others -- are concerned that secret court orders may be used to hide what is really happening.
NTT Com Security today released its annual Global Threat Intelligence Report (GTIR), which examines the threat landscape by analyzing the attacks, threats and trends from the previous year.
This year’s report is the most comprehensive to date, featuring key findings from partners including Lockheed Martin and the Center for Internet Security and pulling information from 24 security operations centers, seven R&D centers, 3.5 trillion logs, 6.2 billion attacks and nearly 8,000 security clients across six continents.
As Apple releases its transparency report, Google today releases its second Android Security Annual report. The report covers all things Android, from the security of the operating system itself, to the security of Google Play and the apps it provides access to. Of course, Google is keen to highlight everything it does to improve security for its users.
As such, the report shows how the company performs more than 400 million automatic security scans per day on devices with Google Mobile Services. Aided by machine learning, these scans help to home in on what are referred to as Potentially Harmful Applications (PHAs). Google points out that just 0.5 percent of scanned devices feature PHAs, and this dropped to 0.15 percent for devices that only installed apps from Google Play.
A new report from Corero Network Security, which provides security solutions against distributed denial of service (DDoS) attacks, shows that 85 percent of enterprise end users want their Internet Service Providers (ISPs) to offer better protection against DDoS attacks.
To compile its research, the security company polled more than 100 ISPs and 75 enterprise customers in regards to their DDoS mitigation strategies. Corero found that a high number of ISPs still rely on outdated technologies to protect their customers from these attacks.
Reinvigorated interest in privacy, security and surveillance means that the transparency reports published by tech companies are always greeted with some enthusiasm. How much data are governments around the world asking for from companies? How much user data are companies handing over to the authorities?
Apple's latest transparency report reveals that the iPhone manufacturer has complied with an increased number of requests for data -- including 80 percent of requests in North America, and 97 percent in Latin America. But while the report makes for interesting reading, it also highlights a problem that Microsoft recently sued the Department of Justice over: even if companies want to be transparent about data requests, when it comes to National Security Requests it is not even possible to report the precise number of requests that have been received.
The major messaging services are now placing a greater emphasis on their users' privacy and security, following the heated encryption debate started by Apple and the FBI. Viber has just announced end-to-end encryption support, making it the second leading player this month to introduce this feature after WhatsApp.
Viber has over 700 million users across the globe, but its end to end encryption feature will not be available everywhere right away. The company is focusing on Belarus, Brazil, Israel and Thailand first, with other markets to get the same treatment in the weeks that follow.
Cyber crime is an increasingly serious business and a new report released today by Trustwave looks at the top trends from the past year based on real-world data from data breach investigations.
Key findings from the report include that 97 percent of applications tested by Trustwave in 2015 had at least one vulnerability. In addition 10 percent of the vulnerabilities discovered were rated as critical or high risk.
Security firm Kaspersky Lab today announced a new, specialized security solution, aimed at critical infrastructure and industrial facilities.
The solution, called Kaspersky Industrial CyberSecurity, is built to protect technological processes in industrial environments from cyber-attacks because, as the company says, these threats now have the potential to cross the realms, from the virtual one into the physical one, threatening not only businesses, but humanity and nature, as well.
Google is looking to take steps that will enable Chrome users to make more informed decisions about the extensions they install. Specifically, developers will have to provide more information about data collections in the interests of transparency.
It’s no secret that the best way to deal with ransomware is to avoid getting infected in the first place, and tools like BDAntiRansomware, Malwarebytes Anti-Ransomware and WinAntiRansom can do a lot to keep you safe.
If your defenses are bypassed and some data lost, there may still be hope, as companies and individual researchers are producing recovery tools all the time.
Generating a shortened URL to share content may seem like a good idea, but it may also expose you to unnecessary security risks, a new research paper shows. Titled Gone in Six Characters: Short URLs Considered Harmful for Cloud Services, it explains how short URLs can be used by malicious players to plant malware, copy personal files, and retrieve all sorts of personal information, like your home address, among other things.
URL shorteners, as their name suggest, are meant to bring long links, that can contain dozens of characters, usually down to just a few letters and numbers. That has some clear benefits: shortened URLs suit SMS messages and tweets better, look nicer in conversations, and allow services to track the number of clicks for a specific link, among other things. But the fact that they only contain a handful of characters makes them susceptible to brute-force search.
Researchers at security company ESET have released details of a new piece of malware that spreads disguised as video posts on Facebook.
Malicious links appear as a video post you were tagged in on a timeline, or as a message sent to you via Facebook Messenger by a friend. They use the titles, 'My first video', 'My video', 'Private video' or a string of randomly generated characters.
Many folks question all sorts of things within the IT world, one them being about backup and recovery solutions. Often questions arise that are compelling and need a good answer. One of the more popular queries is why someone would need to install a backup and recovery program when mirroring is already taking place. This is an excellent question, and comes up more often than you may think. Below you will find out why mirroring alone is not enough to ensure total protection regarding your data.
Though not entirely crazy, the stance of relying upon mirroring alone for data protection seems to come from an idea that is not fully informed regarding the potential problems that could arise. In fact, the truth of the matter is that issues will often spark during the restore process, and so individuals must be well-educated and prepared regarding why mirroring is not enough to grant the protection they may be looking for.
Apple’s QuickTime was popular years ago, particularly for anyone wanting to watch movie trailers on the web, but its time has long since passed. There’s really very little need to have it installed on your system these days.
Because you no longer need it isn’t the only reason to uninstall it though. Trend Micro’s Zero Day Initiative has released two advisories (ZDI-16-241 and ZDI-16-242) which detail new, critical vulnerabilities affecting QuickTime for Windows, and these won’t be patched as Apple has reportedly deprecated the software.
With data breaches making the news ever more frequently, businesses are on the look out for new ways to identify and guard against threats.
Cyber threat intelligence company DomainTools has released the results of a new survey conducted by the SANS Institute on the effectiveness of using threat hunting to aggressively track and eliminate cyber adversaries as early as possible.